a botnet is a simple thing. it's a network of computers connected over the internet that can be instructed to carry out specific tasks. the problem with botnets is typically the owners of those computers don't know that they are carrying out those tasks. botnets have existed in various forms for well over a decade, and they are now recognized as a weapon of choice for cyber criminals, and it is easy to see why. a botnet can increase the computing resources at a hacker's disposal exponentially all while helping conceal the hacker's identity. a cyber criminal with access to a large botnet can command a virtual army of millions, most of whom have no idea that they have been conscripted. botnets enable criminals to steal individual's personal and financial information, to plunder bank accounts, to commit identity theft on a massive scale. for years botnets have sent most of the spam that we all receive. the largest botnets are capable of sending billions of spam messages every day. botnets are also used to launch di

the botnets and the computers. traffic generated by infected computers is either disabled or routed to domains controlled by microsoft where the ip addresses of the victims identified. privacy's a fundamental value. when we execute an operation we are required to work within the bounds of the court order. we never have access to e-mail or other continent of victim communications from infected computers. microsoft receives the addresses used by the infected computers to identify the victims. we give domestic ip addresses to providers in the united states to alert customers directly. we give the rest of computer emergency response teams commonly the owners are then notified of the assistance in cleaning their computers. in summary, to the course of an anti-botnet operation microsoft works with partners to protect millions of people and their computers against malicious cybercriminals. this has led to the disruption and shutdown of some of the most menacing threats to public trust and security on the internet. cybercr

the botnets and the computers. traffic generated by infected computers is either disabled or routed to domains controlled by microsoft where the ip addresses of the victims identified. privacy's a fundamental value. when we execute an operation we are required to work within the bounds of the court order. we never have access to e-mail or other continent of victim communications from infected computers. microsoft receives the addresses used by the infected computers to identify the victims. we give domestic ip addresses to providers in the united states to alert customers directly. we give the rest of computer emergency response teams commonly referred to as serts in country is a then mote if ied of the infections and offered assistance in cleaning the computers. in summary, to the course of an anti-botnet operations, microsoft works to protect millions of people and the computers against malicious siper criminals and led to the disruption of trust on the internet. cyber criminals continue to evolve. they keep deve

a botnet is a simple thing. it's a network of computers connected over the internet that can be instructed to carry out specific tasks. the problem with botnets is typically the owners of those computers don't know that they are carrying out those tasks. botnets have existed in various forms for well over a decade, and they are now recognized as a weapon of choice for cyber criminals, and it is easy to see why. a botnet can increase the computing resources at a hacker's disposal exponentially all while helping conceal the hacker's identity. a cyber criminal with access to a large botnet can command a virtual army of millions, most of whom have no idea that they have been conscripted. botnets enable criminals to steal individual's personal and financial information, to plunder bank accounts, to commit identity theft on a massive scale. for years botnets have sent most of the spam that we all receive. the largest botnets are capable of sending billions of spam messages every day. botnets are also used to launch di

the technique used to go after these botnets have been as varied as the botnets themselves. many use the court system with such ancient common law claims. in 2011, if government obtained, for the first time, a court order that allowed it to seize control of a botnet using a substitute command and control server. microsoft, working with law enforcement, has obtained several restraining orders to disrupt and in some cases, take down original botnets. earlier this year, working with the private sector and law enforcement agencies around the world, obtained a restraining order allowing them to take over the game over zeuss botnet. it was designed to tlart efforts to stop them. each of our witnesses today has played a role in our efforts to stop botnets. i look forward to learning more about these and other enforcement actions. we must recognize that enforcement is just one part of the answer. i'm interested in how we can better inform users of the dangers of botne strks and what other hygiene steps we can take to address this threat. >> my hope is that this starts a kfrgts day-t

thank you for inviting me to testify on the subject of botnets. i am speaking today in my i am speaking in my personal capacity based on a long history of securing infrastructure, most here at the messaging mall ware and antiabias working group who's international mep ship is working to improve the security condition worldwide. we start by reviewing some successful bott net take downs in recent years. they may prove instructive as they are successes. in 2008, the conflict worm was discovered. i had -- competing commercials security companies. members cooperated with each other to mitigate this global threat. then in 2011, the u.s. department of justice led operation ghost click, in which a criminal gang in estonia was arrested, charged with wire fraud and conspiracy. while shutting off the criminal infrastructure the victims depended on. my employer was the court-appointed receiver for the criminals internet connectivity and resources. i personally prepared, installed and operated the replacement servers necessary for that takedown. in each of the

botnets pose a significant risk to governments and businesses. increasingly bots are -- ransom wear, driving identity theft, takeovers and holding users and their data hostage. it's important to recognize that fighting bots is not a domestic issue. criminals are leverages the jurisdictional limitation of the law infersment and often operation with impunity. left uninvaded they are a significant threat to our infrastructure and our economy. in my brief testimony, i will touch on five keir areas -- status of industry efforts, a holistic anti-bot strategy, the role and issues of takedowns, the role of data sharing, and the importance of privacy safeguards. efforts to combat botnets have been arranged by a -- an example is the fcc's security and interoperability council which last year developed an antibotnet code of conduct for isps. this is a first is it eman example of the industry's ability to self-regulate. in parallel, the ota has fa silled several efforts bringing in leaders around the world. we have published specific remediation and notifica